Why is Eth::OpenSsl.sign_compact non-idempotent?

Question

Why is Eth::OpenSsl.sign_compact non-idempotent?

patrick99e99 opened this issue 5 years ago · comments

I was a little surprised to see that calling sign_compact with the same values results in different output... ? Is this a bug?

[17] pry(main)> Eth::OpenSsl.sign_compact 'foo', k.private_hex, k.public_hex
=> "\e\x96*6\x1DYz*\x18Z\xEA\xA7\x01\xC8\xBE\x9D\xF4\x8Bo\x18\xDCO\xFD\xF8\xD0*T\x8A5\xDE\t\xB7\xA2\x8A0\xCF\x88\xEA\xE8\x15\x8E&\x02\xA9\x81r\xD6F}V\xB0\x8E\x1A\xB6\xCB\x10\xF2\x8D\x9CG\xAE\x1C\x15\x90\xEB"
[18] pry(main)> Eth::OpenSsl.sign_compact 'foo', k.private_hex, k.public_hex
=> "\x1C\xA1.n\xE7\"_=L\xD4$\xCA\x7FJ\x04\xB2\xE8\xFB\t\nO\xF7\xFCA_\xF9\xE8#\xD3[\x89\x8F\xFA\xA2\x03\x98w\xC4i\x10\x18\x89\v-\xAERrs\x14\xC9(\\\xC1&L\xBEB\xD0_\xFDn\xAF4\xDC~"
[19] pry(main)> Eth::OpenSsl.sign_compact 'foo', k.private_hex, k.public_hex
=> "\e\x1F^\xE9X\xAA\xE8\xEC(\xF0\xA2\x8C\xA55\x06\x00e\x15'm\xE9\xE2\x14\n\x18\xF8\xE0\x1E\x94\a\xBC\xF0\xBBa[D\\\xC8\xD8\xC8\xC5\xC9\x85\x1Ae\x95V\xBC|J\xEB\xA0\x0Fc\xBE\xCD^g\x98\x11\xFB\x02Q#\xDC"

Afri · Answer 1 · Wed Dec 22 2021 21:18:02 GMT+0800 (China Standard Time)

I do not plan to either investigate or fix this. For the upcoming release 0.5.0, I will rather replace the entire openssl code with a pure secp256k1 library. I don't think this gem should roll its own custom crypto functions.

So far, I was able to implement all key-pair and signature logic in pure secp256k1.

ref q9f/eth.rb#4
ref q9f/eth.rb#24